package com.jd.security.conifg;

import java.util.regex.Pattern;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.builders.WebSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.crypto.bcrypt.BCrypt;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;

import com.jd.security.service.CustomUserService;

/**
 * 主要继承 WebSecurityConfigurerAdapter 实现访问资源之前的拦截配置。该拦截器的顺序在资源服务器拦截器之前。
 */
@Configuration
@EnableWebSecurity
public class SecurityConfig extends WebSecurityConfigurerAdapter {

	@Autowired
    private CustomUserService customUserDetailsService;

	// 注册UserDetailsService 的bean
//	@Bean
//	UserDetailsService customUserService() {
//		return new CustomUserService();
//	}

	/**
	 * 拦截配置
	 */
	@Override
	protected void configure(HttpSecurity http) throws Exception {
		// 关闭csrf，拦截所有请求
//		http.requestMatchers().antMatchers("/oauth/authorize").and().authorizeRequests().anyRequest().authenticated()
//				.and().exceptionHandling().authenticationEntryPoint(customAuthEntryPoint)
//				.accessDeniedHandler(customAccessDeniedHandler);
//		
		 http
         .requestMatchers().anyRequest()
         .and()
             .authorizeRequests()
             .antMatchers("/oauth/**").permitAll();
	}

	@Override
	public void configure(WebSecurity web) throws Exception {
		web.ignoring().antMatchers("/favor.ico");
	}

	@Override
	protected void configure(AuthenticationManagerBuilder auth) throws Exception {
		auth.userDetailsService(customUserDetailsService).passwordEncoder(passwordEncoder());
	}
	

	/**
	 * password 验证需要设置
	 */
	@Override
	@Bean
	public AuthenticationManager authenticationManagerBean() throws Exception {
		return super.authenticationManagerBean();
	}

	@Bean
	public static BCryptPasswordEncoder passwordEncoder() {
		return new BCryptPasswordEncoder();
	}


	public static void main(String[] args) {
		 Pattern BCRYPT_PATTERN = Pattern
				.compile("\\A\\$2a?\\$\\d\\d\\$[./0-9A-Za-z]{53}");
		String rawPassword = "123456";
		String encodedPassword = new BCryptPasswordEncoder().encode("123456");
		System.out.println(encodedPassword);
		BCryptPasswordEncoder bpe = new BCryptPasswordEncoder();
		
		if (!BCRYPT_PATTERN.matcher(encodedPassword).matches()) {
		
			System.out.println("Encoded password does not look like BCrypt");
		}else {
			Boolean bl = bpe.matches("123F", encodedPassword);
			System.out.println(bl);
			
			boolean ic = BCrypt.checkpw(rawPassword.toString(), encodedPassword);
			System.out.println(bl);
		}
		
		
	//	System.err.println(new BCryptPasswordEncoder().encode("123456"));
	
	}
	
}
